Eray Aslan wrote: > > The servers in question already have encryption at the file system level > with cryptsetupLUKS for Linux and truecrypt for windows boxes. But the > trouble is these do not provide any defense against attacks through the > network. They will happily serve the emails thru the network to the > appropriate user when asked. FS encryption is only good at boot time. > Once the partition is mounted, you can access the data.
Once again, this would appear to be a server configuration issue, not a GnuPG issue. If it is possible for someone to easily spoof a user's credentials and access their emails, then it's an authentication issue. If you're worried about eavesdropping on the wire, you want SSL or TLS to secure the link. In the case given of IMAP, you want IMAP + TLS or IMAP + SSL Check with your server admins to determine if your server supports IMAP w/ TLS or IMAP w/SSL. POP3 and SMTP also may be configured to use one of these suites. If these are supported, you may select them on the 'Server Settings' tab in 'Account Settings' It sounds as if you need to sit down and realistically evaluate your security needs with those who administer your network and servers. If your threat level is such that you do not feel the existing tools can meet your needs, it's time get out your checkbook and call in a professional not continue to seek free advice on a mailing list. -- John P. Clizbe Inet: John (a) Mozilla-Enigmail.org You can't spell fiasco without SCO. PGP/GPG KeyID: 0x608D2A10/0x18BB373A "what's the key to success?" / "two words: good decisions." "what's the key to good decisions?" / "one word: experience." "how do i get experience?" / "two words: bad decisions." "Just how do the residents of Haiku, Hawai'i hold conversations?"
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
